CISA Certified Information Systems Auditor – Question1214

A data breach has occurred at a third-party vendor used by an organization to outsource the processing of its customer data. What should be management’s FIRST course of action?

A.
Activate the disaster recovery plan
B. Notify the insurance company of the potential claim
C. Activate the incident management process
D. Take legal action against the service provider for reputation damage

Correct Answer: C